[Mageia-dev] [RPM] cauldron core/release openssh-5.8p1-2.mga1
Jérôme (saispo) Soyer
saispo at gmail.com
Thu May 5 15:20:03 CEST 2011
And the creation of an irc channel ? for example #mageia-security or a
dedicated mailing list maybe a good solution too no ?
For the wiki package, i will start tomorrow, just to order my many
idea for building an outline, but help are welcome :)
On Thu, May 5, 2011 at 1:35 PM, Stew Benedict <stewbintn at gmail.com> wrote:
> On 05/05/2011 06:48 AM, Jérôme (saispo) Soyer wrote:
>> As we said yesterday in packager meeting, a wiki page dedicated to
>> secteam must be written with all information about where we can see
>> advisory, grabing patch and good pratice for the process (opening a
>> bug, correcting the bug, doing a good changelog etc..)
>>
>> What do you think about that ?
>>
> Sounds like a good idea. If you want to start such a page, I'll add to
> it as needed. If others are interested we can start to identify the
> team. For now we don't have to worry about embargoed issues, private
> bugs etc., until we develop some history of security updates and can
> apply for admission to the closed list.
>
> Personally, I would identify not only our own bug in the changelog, but
> also the CVE etc. People seem to tend to focus on versions when they
> stumble upon security related announcements, and it's nice to be able to
> quickly point to the package changelog to show the issue has been addressed.
>
> --
> Stew Benedict
> New Tazewell, TN
>
>
>
More information about the Mageia-dev
mailing list